This document provides a cybersecurity tutorial for Florida State University students, faculty and staff. It discusses common cyber threats like identity theft, hackers, malware and phishing. It outlines the consequences of cyber attacks like job hindrances, data loss, and disciplinary actions. It recommends top actions to take like protecting passwords, preventing identity theft, avoiding malware, running antivirus software, installing updates, backing up files, and turning on firewalls. It provides resources for cybersecurity at work and home and links to the FSU cybersecurity quiz.
4. INFORMATION TECHNOLOGY SERVICES
CYBERTHREATS
Identity Thieves
People who obtain unauthorized
access to your personal
information—such as your
FSUID, SSN, bank accounts and
passwords. They use this to
commit crimes such as fraud or
theft.
Hackers
Hackers are people who secretly
get access to a computer system
in order to steal information or
cause damage.
Malware
Malware (short for "malicious
software") is any program or file
that is harmful to a computer user,
including computer viruses,
worms, Trojans and spyware.
Phishing
Phishing steals personal
information by tricking you into
clicking a link or entering your
username & password. Phishing
comes in many forms: emails,
phone calls, website downloads.
6. INFORMATION TECHNOLOGY SERVICES
CONSEQUENCES
Job
Hindrances
• Loss of access to campus computing network
• Inability to access files and do work
Data Loss
• Loss of confidentiality and integrity
• Loss of valuable university info or research
• Compromised personal data
Disciplinary
Actions
• Lawsuits
• Loss of public trust
• Loss of grant opportunities
• Prosecution
• Internal disciplinary action
• Termination of employment
7. ACTIONS
Follow these tips to
protect yourself, others
and the university from
common cybersecurity
threats.
8. INFORMATION TECHNOLOGY SERVICES
INFORMATION TECHNOLOGY SERVICES
Top Eight Cybersafety Actions
ACTIONS
Protect Passwords
Prevent Identity Theft
Beware of Phishing
Avoid Malware
Run Antivirus Software
Install Updates
Back Up Important Files
Turn On Firewalls
10. INFORMATION TECHNOLOGY SERVICES
PROTECT PASSWORDS
o NEVER share your passwords with anyone!
o Create strong passwords that are difficult to guess
o Avoid dictionary words
o Do not use common passwords, such as password1, abc123, qwerty1,
letmein, yourname1
o Change your passwords periodically and when creating a password
o Use at least eight characters
o Mix uppercase and lowercase letters, numbers and symbols
o Use mnemonics to help you remember a difficult password
o Example: $e^^iNo1e = Seminole
o Example: W00H!TCwontW$ = Woohoo! The Cubs won the World Series
o Use different passwords for different sites
o Store passwords in a safe place
o Never keep passwords on a sticky note near your computer
o Consider using a password vault such as LastPass or KeePass
11. INFORMATION TECHNOLOGY SERVICES
PREVENT IDENTITY THEFT
o Don’t give out Social Security numbers, driver license numbers, bank
account numbers or other personal information unless you know exactly
who’s receiving it
o Protect other people’s information as you would your own
o Never send personal or confidential information via email, text message, or
instant message
o Every year, order a copy of your credit report from each of the three major
credit bureaus—Equifax, Experian and Trans Union
o www.equifax.com
o www.transunion.com
o www.experian.com
12. INFORMATION TECHNOLOGY SERVICES
BEWARE OF PHISHING
o Phishing attacks steal personal information by tricking
you into doing something, like clicking a link or entering
your username and password. Phishing comes in many
forms: emails, phone calls, website downloads. These
phishing attempts may look like they are from Florida
State University—often IT Services or the Service
Desk—but don’t fall for the tricks! Follow these tips to
help protect yourself from phishing attacks.
o REMEMBER! FSU WILL NEVER ASK YOU FOR
YOUR FSUID USERNAME AND PASSWORD IN AN
EMAIL OR PHONE CALL.
13. INFORMATION TECHNOLOGY SERVICES
TIPS TO AVOID PHISHING SCAMS
o Be skeptical of messages that require “immediate action” or threaten that
you will lose something.
o Instead of clicking, type website addresses in your browser to access
sites directly.
o Before clicking, hover over or long tap a link to display the true URL and
see if it is linking to a reputable website.
o Think before clicking email and website links and never click a link that
you don’t trust.
o Do not open attachments you aren’t expecting—especially ZIP files—and
NEVER run .exe files.
o Avoid providing personal information over the phone, especially from an
unsolicited call.
o Never send credit card or other sensitive information via email.
o Use common sense. If it looks like spam, then it probably is spam.
14. INFORMATION TECHNOLOGY SERVICES
AVOID MALWARE
o Be wary of invitations to download software from unknown sources;
even clicking advertisements can result in malware downloads like
ransomware, spyware, and adware.
o Ransomware is a type of malware that prevents or limits users from
accessing their system—either by locking the screen or encrypting
the user’s files—unless a ransom is paid
o Spyware records your actions and keystrokes to steal your
passwords, credit card numbers, and other confidential information
o Adware not only slows your computer, but can track the sites you
visit
15. INFORMATION TECHNOLOGY SERVICES
RUN ANTIVIRUS SOFTWARE
o Antivirus software removes viruses and quarantines and repairs
infected files and can help prevent future viruses
o Viruses can be transmitted via email, email attachments or IM
o To avoid computer problems caused by viruses, install and run an
antivirus program like Norton, McAfee or Windows Defender
o Check to see if your antivirus solution is up to date by periodically
opening your antivirus program and checking the last updated date
16. INFORMATION TECHNOLOGY SERVICES
INSTALL SOFTWARE AND
SECURITY UPDATES
o Updates, also known as patches, fix problems with:
o Operating systems (e.g., Windows 10, Mac OS X, Android and
iOS)
o Software (e.g., Microsoft Office, Creative Cloud)
o Apps (e.g., Wells Fargo, The Weather Channel, Facebook)
o Most new operating systems are set to download updates by
default.
o Work computers should update automatically. Check with your IT
manager to make sure this is the case. Restart your computer after
updates are installed so the patches can be applied immediately.
17. INFORMATION TECHNOLOGY SERVICES
BACK UP IMPORTANT FILES
o Create offline back-up copies of your files to reduce the risk of
losing important files to ransomware, a virus, computer crash,
theft or disaster
o Save copies of your important documents and files to a flash
drive, external hard drive or online back up service
o Store your back-up files in a secure place away from your
computer, in case of fire, theft or ransomware
o Test your back up files periodically to make sure the files are
accessible and readable
18. INFORMATION TECHNOLOGY SERVICES
TURN ON FIREWALLS
o Firewalls act as protective barriers between computers and the Internet
o Hackers search the Internet by sending out computer messages to random
computers and waiting for responses
o Firewalls prevent your computer from responding to these calls
o Check your computer's security settings for a built-in personal firewall and
make sure it is turned on
o Mac Firewall
o Microsoft Firewall
19. CYBERSECURITY AT
WORK AND HOME
Find out how to keep
your information,
computer, and other
devices secure
wherever you are.
20. INFORMATION TECHNOLOGY SERVICES
o Work with your IT manager before
implementing new cybersecurity
measures
o Talk with your IT manager about
what cybersecurity measures are in
place in your department
o Avoid opening links and attachments
embedded in emails if you cannot
verify the source.
o Use a cross-cut shredder to destroy
documents containing sensitive
information, such as non-directory
student information, FSU proprietary
documents and employee Social
Security numbers and other private
information
o Report to your IT manager any
cybersecurity policy violations,
security weaknesses or any
suspicious activity by unauthorized
individuals in your work area
o Check with your IT manager before
installing any programs on your work
computer
o Take a moment to read the FSU
information policies
at its.fsu.edu//ispo/Policy
o Lock your workstation when
unattended
o Log off your computer when you
leave for the day
CYBERSECURITYAT WORK
21. INFORMATION TECHNOLOGY SERVICES
o Never leave your laptop, tablet or phone
unsupervised and in plain view
o Password protect all your devices
o Do not install unnecessary programs or
apps on your computer or phone
o Install a firewall on your home network
and PC
o Run a full anti-malware scan regularly
o Watch what you share on social networks.
Criminals can befriend you and easily gain
access to a shocking amount of
information.
o Adhere to copyright restrictions when
downloading software, games, movies or
music.
o Use a separate account for each family
member
o Set up each account as a standard
account
o Have a separate account with
administrator privileges
o Don't use the administrator account
for everyday actions
o Set a screen time-out
o Be careful what info you share on the
phone. If someone calls you asking for
sensitive information, it's okay to say no.
Call the company directly to verify
credentials before giving out any info.
o Always be careful when clicking email
attachments or links. If it's unexpected or
suspicious for any reason, don't click on it.
CYBERSECURITYAT HOME
23. INFORMATION TECHNOLOGY SERVICES
o For more info
about cybersecurity
at Florida State
University, visit
its.fsu.edu/ispo
o Follow us on
Twitter
@floridastateITS
UNIVERSITY CYBERSECURITY
RESOURCES
26. INFORMATION TECHNOLOGY SERVICES
Information Technology Services
Information Security & Privacy Office
Florida State University
cybersecuritytraining@fsu.edu
its.fsu.edu/ispo
Philip Kraemer, Training Coordinator
pkraemer@fsu.edu
Feel free to contact us with questions or comments on information security or
privacy at Florida State University.
CONTACT
Editor's Notes
Ringling ITS installs and updates antivirus
Save copies of your important files to a place where Ringling backs up